SUMMARY

• Having 7 years of professional experience in Network engineering in performing Network analysis, design, Implementing, capacity planning with a focus on performance tuning and support of large Networks.
• Experience in configuration and setting up Cisco routers to perform functions at the Access, Distribution and Core layers
• Experience working on Cisco Catalyst Series 3750, 4500, 4900, 6500; Nexus 2000, 5000, 6000 and 7000 series switches.
• Configure, maintain and design network security solutions including firewalls (CheckPoint and Cisco ASA), IDS/IPS (CheckPoint and SourceFire), VPN, ACLs, Web Proxy, etc.
• Hands on experience on NGFW Firewall management and UTM solutions (IPS/IDS, DLP, Gateway Antivirus, Antispam, Content Filtering, Application Control)
• Strong hands on experience on PIX Firewalls
• Hands on experience on Operations and management of Aruba based wireless network providing multiple SSID platform for DoD users
• Intrusion Detection - monitor and analyze real time security alerts triggered on the network by Cisco Sourcefire
• Implementing, maintaining and troubleshooting switching tasks such as VLANs, VTP, VLAN Trunking using ISL and 802.1Q, STP, RSTP, PVST+, EtherChannel using LACP and PAGP, Inter-Vlan routing, CEF and DCEF.
• Execution of life cycle process for network equipment, including OS patching and upgrades
• Experienced in configuring, deploying, maintaining, and troubleshooting of routing protocols like RIP, OSPF, EIGRP, Policy routing, and BGP on Cisco routers.
• In-depth knowledge on Route Manipulation, Filtering and troubleshooting route re-distribution across multiple protocols.
• Good Knowledge and understanding of Software Defined Networking (SDN) and Cisco ACI Technology
• Hands on experience in using Visio Diagram to design Network Architecture for Data Centers.
• Executed troubleshooting technical, networking, and hardware related issues related to servers and other appliances in Data Center.
• Worked on implementing first hop redundancy protocols like HSRP, VRRP, and GLBP.
• Network security policies like NAT, PAT, VPN, DMVPN, Route-maps and Access lists.
• Worked on WAN technologies such as Frame-relay, PPP, HDLC, and DS3.
• Maintaining and updating inventory using Network Management Application layer softwares like SNMP, Wireshark, NTP, and Syslog.
• Experience with different Network Management Tools and Sniffers like Wireshark (ethereal), Kiwi CatTools, HP-Open view and Zenoss monitoring tool.
• Debugging project issues with oauth APIs
• Configured Cisco Wireless Networks like IEEE 802.11 a/b/g/n, LWAPP, WLC, WCS, Standalone APs, Roaming, Wireless Security Basics, RF spectrum characteristics.
• Performed security operations on ASA firewalls.
• Hands on experience in upgrading and troubleshooting OS for cisco firewalls like ASA and FMC.
• Design and configuring of OSPF, BGP on Juniper Routers and SRX Firewalls.
• Extensive knowledge in developing test plans, procedures and testing various LAN/WAN products and protocols.
• Experience working with Cisco Nexus 2148 Fabric Extender and Nexus 5000 series to provide a Flexible Access Solution for a datacenter access architecture.
• Expertise in installing, configuring and troubleshooting Juniper EX Switches EX2200, EX2500, EX3200, EX4200, EX4500, EX8200 series.
• L2/L3 support of Production Batch, which includes monitoring batch on rotational basis, job failure analysis and bug fixing, batch tuning, basic UNIX system and process management.
• Architected and implemented data migration; including initial installation, implementation, customization, integration and customer expectations.
• Experience in managing and migration of large scale enterprise networks.
• Responsible for the patching and monitoring of vulnerabilities through Nessus Security Center with Nessus Scanners
• Good Knowledge in GIAC Security Essentials
• Experience with different Network Management Tools and Sniffers like Wireshark, NMap, Solar Winds, CISCO works, Netscout, HP-Open view
• Experience in configuring and troubleshoot of Wireless LAN Controller and Access Points.
• Authentication and termination of IPSec or SSL VPNs using RADIUS, TACACS, and/or IPSec
• Experience in implementation of F5 GTM based on topology load balancing methods.
• Excellent experience in deploying and troubleshooting on different platforms like Cisco, Juniper and BIG-IP F5LTM Load Balancers for load balancing and traffic management of business application.
• Knowledge in designing and configuring network according to MediaPro Compliance.
• Good knowledge in Designing Security as per MediaPro Compliance.
• F5 Load Balancers.
• Experience with Cisco ASA/Checkpoint/Palo Alto Firewall troubleshooting and policy change requests for new IP segments that either come on line or that may have been altered during various planned network changes on the network.
• Hands on experience on cisco fabric interconnects and cisco blade servers.
• Expert in NAT, Access List and Object Groups configurations in firewalls.
• Experience on Cisco ASA 5500 and ASA 5550, Palo Alto PA-500, PA-3060, PA-5060 series firewalls.
• Advanced knowledge on Internet working, OSI model, TCP/IP, network architecture, system security and firewall infrastructure.
• Knowledge in Application Security testing.
• Setup and support a network sniffer with Netscout's nGenius Infinistream software to measure application metrics
• Experience in Cisco QOS Configuration.

TECHNICAL SKILLS

• Nexus 7K, 5K, 2K & 1K, Cisco routers 3900, 3600, 2800, 2600, 2500, 1800 series) & Cisco Catalyst switches (6500, 4900, 3750, 3500, 4500, 2900 series), CISCO UCS 6200 series fabric interconnects, CISCO RACK SERVERS, CSR/ASR, IOS-XR, Cisco ACS, RSA, ASA, FMC and Sourcefire.
• SRX, MX, EX Series Routers and Switches, Netscreen 6500, 6000, 5400, SSG, SRX Firewalls
• Access-lists, Routing, Switching, Subnetting, Designing, CSU/DSU, IPsec, VLAN, VPN, WEP, WAP, MPLS, VoIP, Bluetooth, Wi-Fi
• VLAN, VTP, STP, RSTP, Inter VLAN routing and Multi-Layer SwitchingFirewall /(IDS/IPS) ASA Firewall Checkpoint, Cisco ASA 5585, 5550, 5540, Palo Alto … FSWM, CiscoPIX, Cisco/source fire, checkpoint IPS, Tipping point, CISCO NGFW, IBM Proventia
• Solar Winds, SNMP, Cisco Works, Wireshark, Fluke, PRTG/MRTG, Kiwi CatTools, netscout, Sniffer pro, SDN, Cisco Prime
• ACE, A10 Cisco CSM, F5 Networks (Big-IP, LTM, GTM, ASM), VIPRION F5 Citrix Netscaler, Blue Coat SG8100, AV 510, AV810
• Frame Relay, ISDN, ATM, MPLS, leased lines & exposure to PPP, DS1, DS3, OC3, T1 / T3 & SONET
• Ethernet, Fast Ethernet, Gigabit Ethernet, & 10 Gigabit Ethernet, Port- channel, VLANS, VTP, STP, RSTP, 802.1Q
• IKE, IPSEC, SSL-VPN, SAML 2.0, OAUTH, OPENldap, Q radar, Cisco FireSIGHT Networking Protocols RIP, OSPF, EIGRP, BGP, STP, RSTP, VLANs, VTP, PAGP, LACP, MPLS, HSRP, VRRP, GLBP, TACACS+, Radius, AAA
• Perl, C, C++, Python, PL/SQL, HTML/DHTML, Power shell, SOAP, XML.
• Windows 7/XP, MAC OS X, Windows Server Linux, Unix, Active Directory, Virtualization(Vmware).

PROFESSIONAL EXPERIENCE

Network Security Engineer

Confidential - Yonkers, NY

Responsibilities:

• Bluecoat Troubleshoot for Root Cause Analysis to ensure limited downtime
• Bluecoat Configuration modification for updates to rule sets
• Implement Bluecoat policy after testing it on Lab environment.
• Deploys on-site to assist with design and installation of client purchased BlueCoat solutions.
• Administration, maintenance and enhancements in Symantec Endpoint Protection.
• Day-to-day maintenance of Symantec Anti-Virus and Anti-Spyware, Firewall, Intrusion Prevention, Application and Device Control, and Live-Update Administrator via phone, email and chat support.
• Assistance with virus and spyware mitigation, detection and removal.
• Working in incident response team.
• Configure and maintain Bluecoat ASG500 gateways for all HTTP and HTTPS traffic traversing the PBGC network. Effectively update the Visual Policy manager (VPM) as per required access by the client. Periodically upgrade the bluecoat devices to desired feature set OS level as required.
• Perform monitoring and maintenance on all network elements which include Cisco 6500, 4500, 4000 switches; Cisco 3750, 3500, 2900 switches; Cisco 3700, 3600, 2800, 2600, 1600 routers, and IP networks, protocols to include but not limited to: TCP/IP, BGP, IGP, OSPF, EIGRP, Spanning-Tree, SNMP, SSH, IPSec, 802.1q.

Sr. Network Security Engineer

Confidential - Tampa, FL

Responsibilities:

• Worked on Extensively on Cisco Firewalls, Cisco PIX (506E/515E/525/) & ASA 5500(5510/5540) Series, CHECKPOINT AI, NGX, Nokia IP 740/530/340 Appliances on IPSO platform.
• As a part of Security Engineering team responsible for managing, maintaining and monitoring of Checkpoint and Palo Alto Firewalls
• Support Bluecoat proxy migration to new platform for all Business and Datacenters in environment
• Add changes to proxy and network infrastructure via change control process
• Review and approve network changes at L3 level
• Support and troubleshoot Cisco and Websense environments
• Configuring and supporting Websense
• Administer End-Point Security for Carbon Black for Ransomware analytics
• Part of Client/Vendor IOS upgrade project tasked with upgrading IOS versions on cisco routers to resolve vulnerabilities
• Provide security application support of McAfee products and incident management. Products include McAfee ePO, Anti-virus, HIPS, EEPC (Encryption), and removable media encryption
• Install, configure, and manage IBM Security Guardium database activity monitoring environments, including: real-time monitoring and alerting, client database discovery and data classification, report creation, compliance workflow, and configuration auditing.
• Provided video training of all complicated functions
• Configured, Maintain and Monitored Forcepoint Proxy.
• Keep detailed records for tracing incidents, request for IT service, and problem tickets.
• Installing and configuring Viprion F5 load balancers.
• Maintain and troubleshoot ASM firewall.
• Assisted with Palo Alto NG Firewall implementation and switch from Checkpoint Firewall.
• Maintain, and operate lab wide Vulnerability Assessment deployment (Security Center/ Nessus)
• Installed and configured QualysGuard server appliances (both physical servers and virtual cloud based servers), and ran various ad-hoc/custom/standard reports
• Vulnerability Scanning Using Nexpose or Rapid7, Identify false positive and then analyzing the results.
• Implemented antivirus and web filtering on Juniper SRX 240 at the web server.
• Troubleshooting the Juniper SRX100 and 110 series, Juniper Network routers with Site-Site VPN, and firewalls.
• Configured Juniper MX480s, EX8200s, EX4500s, EX4200s, and SRX5800s from scratch to match design
• Experienced with Juniper: EX-2200, EX-4200, EX-4500, MX-480 and M Series, SRX210 and SRX240.
• Implemented SAN top 20 using logrythm tools.
• Installed CISCO UCS rack servers to automate and accelerate deployment for all applications.
• Tuned Qradar SIEM to present relevant information to Security Operations Center
• Maintain QRadar components like Console, Event Processors, Flow processors, Event Collectors, Flow collectors to Coach Environment for Log collection and monitoring.
• Integrate Vulnerability scanner to QRadar to populate vulnerability information to associate internal assets.
• Recommended and configure Correlation rules and reports and dashboards in QRadar Environment.
• Configure Network Hierarchy and Back up Retention configuration in QRadar SIEM.
• Installed CISCO UCS rack servers to provide scalability and capacity for Splunk enterprise deployments. analyzed traffic and report if malicious, as well as support internal infrastructure as well as DDoS customers.
• Provide research and documentation to customer based on current DDoS attack vectors and our ability to mitigate such attacks.
• Managed all windows 2003 servers, Active directory, DNS and WAN Switching.
• Configured Cisco ISE server to authenticate wired and wireless clients with certificate and MAC options.
• Integrating Configuring RSA SecurID with Cisco ISE for Token based authentications using RSA Native method RSA RADIUS method for user's remote VPN users.
• Experience in implementing Next Generation Firewalls (NGFW) such as Bluecoat ProxySG and other vendors such as Palo Alto networks NGFW for URL filtering
• Comprehensive service-performance management platform across UC&C and any other voice, data, and video service from a single pane using Cisco ACI
• Involved in a team to support and engineering for server, networking, and storage at company data centers, including disaster recovery.
• Managed entire network infrastructure using Cisco Prime network monitoring tool.
• Working with Cisco Prime to Configure move & map wireless access points
• As a Cisco, Prime Admin involved in setting up the operations center for cisco prime infrastructure.
• Involved in a team in Monitoring and analyzing data center server infrastructure and related network environment to ensure reliability and resolve technical problems.
• Installing, configuring and supporting Active Directory.
• Worked on F5 BIG-IP LTM 8900, configured profiles, provided and ensured high availability
• Implemented flow installation in SDN enabled switches for Cisco and Bigswitch using REST
• Writing scripts for moving data from old system to new system.
• Involved in a team upgrading OS in CISCO ASA and Source Fire.
• Prepare Develop Mcafee Epo policies like HIPS, Anti-virus, Site Advisor, Encryption
• Deployed McAfee Network DLP
• Created clusters in VMware vCenter and Upgrading VMware infrastructure components using VUM
• Managing the changes through export/import of CSV spreadsheets on Infoblox web interface
• Used Kiwi-Cat tools to manage configurations from desktop for network devices, including routers, switches and firewalls. Generate network device configuration reports, such as port, MAC, APR and version details
• Involved in configuring IP Quality of service (QoS).
• Adding security rules and pushing the security policy on Checkpoint Using Smart Update, User Management and Authentication in Checkpoint Firewall
• Implementation and maintained intrusion detection/ prevention (IDS/IPS) system to protect enterprise network and sensitive corporate data. For Fine-tuning of TCP and UDP enabled IDS/IPS signatures in Firewall
• Responsible in troubleshooting on Cisco ISE added new devices on network based on policies on ISE
• Tested components of the Nessus Vulnerability Scanner within an Agile SDLC
• Involved as a Splunk Admin in capturing, analyzing and monitoring front end and middle ware applications.
• Installing and using Splunk apps for UNIX and Linux ( Splunk nix).
• Experience on Splunk Enterprise Deployments and enabled continuous integration on as part of configuration (props.conf, Transforms.conf, Output.confg) management.
• Used NetScout for troubleshooting firewall related packet drops and reachability issues.
• Involved in the designing/development of new proposal system for MTVN by using SQL and PL/SQL.
• Implemented the SAML federated services for vendors Benefits Express, MetLife, Prolease, and Cven
• Design, implementation and operational support of routing/switching protocols in complex environments including BGP, OSPF, EIGRP, Spanning Tree, 802.1q, etc.
• Estimated Project costs and created documentation for project funding approvals.
• Planned resources and presented project status to higher management.
• AWS security, checking for any configuration change in the AWS resources using SPLUNK.
• Deployed 7613 as PE and CE router and Configured and troubleshoot the Edge Routers.
• Excellent troubleshooting knowledge on T1, T3, OC-3 and OC-12.
• Installing, configuring Cisco Catalyst switches 6500, 3750 & 3550 series and configured routing protocol OSPF, EIGRP, BGP with Access Control lists implemented as per Network Design.
• Installed different software on the systems. Install and managing network devices including Hubs, Switches.
• Working in high availability Nexus Environment and provide Level 3 Network Support.
• Configuring, upgrading and verifying the NX-OS.
• Basic and advanced F5 GTM load balancer configurations, general troubleshooting of the F5 load balancers.
• Created Compliance Security Baseline and Vulnerability Assessment dashboard for IBM Guardium Security for Database Server and Database Instances.
• Modified internal infrastructure by adding switches to support server farms and added servers to existing DMZ environments to support new and existing application platforms.
• Analyzed customer application and bandwidth requirements, ordered hardware and circuits, and built cost effective network solutions to accommodate customer requirements and project scope.
• Configured routers and coordinated with LD Carriers and LECs to turn-up new WAN circuits.
• Providing Level 3 support to customers, resolving issues by attending to conference calls.
• Providing Level 3 Engineering and Support to other internal network engineers and contractors.
• Designing and installing new branch network systems. Resolving network issues, running test scripts and preparing network documentation.
• Performed OSPF, BGP, DHCP Profile, HSRP, IPV6, and Bundle Ethernet implementation on ASR 9K redundant pair.
• Use of multiple network monitoring tools (netscout, Sniffer pro, etc.) to resolve lan/wan issues
• Actively participated in upgrading fast Ethernet, Layer 3 switched/routed LAN infrastructure from Cisco 3640 to Cisco 2811 ISR routers and switches at access level to 2950, 3550.
• Configured various Router interfaces like ATM interface, T3 & Channelized T1 interfaces
• Modified internal infrastructure by adding switches to support server farms and added servers to existing DMZ environments to support new and existing application platforms.
• Analyzed customer application and bandwidth requirements, ordered hardware and circuits, and built cost effective network solutions to accommodate customer requirements and project scope
• Configured egress and ingress queues for ISP facing routers using CBWFQ.
• Generating RCA (Root Cause Analysis) for critical issues of layer1/layer2/layer3 problems.
• Setup network while following Security Compliance of HIPAA and PCI-DSS.

Sr. Network Security Engineer

Confidential - Philadelphia, PA

Responsibilities:

• Worked on Cisco ASA 5540 Series that includes rule deployment, configuration using Network & Port objects. Deployment of DMZ and troubleshooting ASA Cluster failovers.
• Configuration of Aruba Wireless networks. Extensive knowledge of Aruba technology.
• Performed load balancing and application level redundancy by deploying F5 BIG-IP LTM 3900.
• Involved in the configuration and maintenance of IPsec Site-Site VPN.
• Implemented F5 Application Security Manager (ASM) web security policies for multiple applications.
• Assisted in the transition of the Carbon Black Endpoint Protection Managed Service
• Strong hands on and exposure to Checkpoint & Palo Alto on a regular basis.
• Integrated Forcepoint proxy with network.
• Deployment of Sourcefire and Firesight management center for various Sourcfire enabled firewalls
• Network Firewalls - including Juniper Network Security Manager, Netscreen Firewalls ScreenOS SSG/ISG/SRX
• Worked on HP security tool Fortify 360
• Good Knowledge on Juniper SRX configurations on various platforms of Junos.
• Manage, maintain and configure Juniper SRX 650 firewalls clusters and nodes
• Configure and maintain customer VPNs tunnels on SRX 650.
• Expertise in installing, configuring and troubleshooting Juniper EX Switches EX2200, EX2500, EX3200, EX4200, EX4500, EX8200 series.
• Managed, implemented, and streamlined a Websense Web Content Filter system
• McAfee ePO, Anti-Virus for 500+ Windows servers and 25000+ users including Disk Encryption, SIEM agent and Site Advisor deployment
• Use Websense to add and remove Malicious URL's, monitor band with, and filter out bad websites daily for the whole enterprise
• Prepare daily security management brief and advisories utilizing data from Forcepoint
• Run weekly reports in Websense as well to find vulnerabilities in the enterprise
• Administer policy settings and upgrades to Forcepoint Triton APX Web
• Develop/Enforce policy and procedural changes.
• Helped migrating and managing multiple applications from on premise to cloud using AWS services
• Configured, supported and maintained all network, firewall, storage, load balancers, operating systems, and software in Amazon AWS EC2 and Created detailed amazon AWS Security groups which behaved as virtual firewalls that controlled the traffic allowed reaching one or more AWS EC2 instances.
• Created rules for evident.io AWS cloud security.
• Analyze offenses generated in QRadar (SIEM) and determine course of action, whether to escalate as an attack or create Service Requests to other IT groups for resolution of misconfigured devices.
• QRadar Admin work of Rule creation and changes to system rules to suite our environment. Maintain configuration logs of these changes.
• Management of QRadar connected hosts for firmware and software upgrades issued by IBM for both appliances and VMs.
• Develop and enforce corporate standards and guidelines
• Substantial experience in deploying, configuring and administering Splunk clusters
• Maintenance of Splunk Environment with multiple Indexers. • Worked on log parsing, complex Splunk searches, including external table lookups.
• Develop and demonstrate IBM Security Guardium proof of concept (POC) client presentations.
• As a Cisco Prime Administrator involved in setting up the cisco prime server settings.
• Integrating ISE with external identity stores such as Windows AD, Cisco ACS LDAP.
• Set up Cisco ISE Identity Services Engine
• Migration of IPSec VPN services from ASA to Palo Alto NGFW
• Cisco ACI, VLAN, VXLAN, and network virtualization using generic routing encapsulation (NV-GRE), which is combined and bridged together to create a logical network/domain as needed.
• Involved in Active Directory design and maintenance.
• Involved in server team using cisco interconnects for cisco blade servers
• Performed basic security and ACL administration on Juniper SRX firewalls. That includes day to day rule deployment, troubleshooting using data flow analysis and packet capture.
• Planned and implemented network design, including Wide Area Networking (WAN), Local Area Networking (LAN), Multiple Protocol Labeling Switching (MPLS), DS3.
• Integrate applications with OpenID Connect with different API's
• Troubleshoot and hands on experience on security related issues on Cisco ASA/PIX, Checkpoint and Palo Alto Firewalls.
• Monitored network for optimum traffic distribution and load balancing using Solar winds
• Configured OpenLDAP with UNIX pam, and enabled users to authenticate against LDAP
• Actively involved in fault management and change management of the network in order to provide high availability.
• Deployed Palo Alto Firewalls for web filtering and application control.
• Worked on MPLS complex routing changes on BGP, OSPF & EIGRP where P2P circuits are implemented and preferred.
• Troubleshoot network access issues with other enterprise support groups.
• Worked on skillful deployment of Layer-2 technologies like VLANS, VTP, STP, RSTP, Inter-VLAN routing, VLAN Trunking, Ether Channels, VLAN access-maps and port security.
• Experience with working on latest cisco switches like Nexus 2000, 5000 and 7000 series switches while implementing advanced features like VDC, and VPC.
• Upgraded load balancers from Radware to F5 BigIP v9 which improved functionality and scalability in the enterprise.
• Troubleshooting, optimizing and documenting LAN/WAN technologies and T1/T3 WAN technologies.
• Configured VPN routers for remote sites access with correct security policies.
• Efficient in configuring and implementing load balancers like Cisco ACE, and A10
• Configuring/Troubleshoot issues with the following types of routers Cisco (7200, 6500, 4500,1700, 2600 and 3500 series), to include: bridging, switching, routing, Ethernet, NAT, and DHCP, as well as assisting with customer LAN /MAN, router/firewalls.
• Performing troubleshooting for IOS related bugs by analyzing past history and related notes.
• Modified internal infrastructure by adding switches to support server farms and added servers to existing DMZ environments to support new and existing application platforms.
• Configured switches with port security and 802.1 xs for enhancing customer's security.
• Monitored network for optimum traffic distribution and load balancing using Solar winds.
• Hands-on experience in deploying GRE tunnels, Remote Access VPN and Site-to-Site VPN.
• Configured STP for loop prevention on Cisco Catalyst Switches.
• Day to day network trouble tickets and problems, troubleshoot to resolution
• Proactively monitor, troubleshoot, and optimize network performance and application interfaces to the network
• Install, upgrade, support and troubleshoot applications hosted on windows server 2000/2003/2008.
• Handled installation of Windows NT Server and Windows NT Workstations.
• Handled Tech Support as it relates to LAN & WAN systems.
• Experience in working with Cisco Nexus 5000 series switches for data center.

Network Security Engineer

Confidential - Boston, MA

Responsibilities:

• Experience with Firewall migrations from PIX firewall to Cisco ASA and Juniper SRX firewall appliances.
• Provided remote Technical support on implementation of technology using various Juniper Network & Security products and applications and resolve product related issues through research and troubleshooting.
• Involved in configuring and troubleshooting Juniper Firewalls including UTM features like anti-virus, deep inspection (IDP), URL filtering and screening.
• Responsible for Cisco ASA and Palo Alto configuration and administration of networks.
• Configuring Virtual Chassis for Juniper switches EX-4200, Firewalls SRX-210
• Troubleshoot traffic passing managed firewalls via logs and packet captures
• Involved as Platform Engineer for Sourcefire including all 4.10 and NG and NGFW
• Integrated web application delivery controller(ADC).
• Working knowledge of Imperva Security in monitoring Web Application Firewalls (WAF).
• Experienced in the installation of Imperva SecureSphere appliance and virtual.
• Virtual Private Networks on Cisco ASAs with AnyConnect, Cisco ISE for authentication, as well as site to site VPN
• Experience with Penetration testing.
• Implemented new Cisco ASA's, installed the framework for Cisco ACI and implemented new F5 LTM's and GTM's.
• Creating, implementing and testing Citrix NetScaler ADC (Application Delivery Controller) responder policies in order to meet DDoS defense strategies
• Worked on Converting the Partner IPSEC VPN from one Data Center to Another Data Center
• Expertise in installing, configuring and troubleshooting Juniper EX Switches (EX2200, EX2500, EX3200, EX4200, EX4500, EX8200 series).
• Performed various configurations using the CISCO SDM like configuring VPN, Security Audits, Firewalls, VLANS.
• On boarding applications and configuration of privileged accounts in CyberArk.
• Handling day-to-day support activities for CyberArk
• Mitigation of the risks using CyberArk, Aveksa and policy changes on servers
• On boarding applications and configuration of privileged accounts in CyberArk
• Worked on Firewall Testing
• Worked on software based ADC on VMware
• Responsible in troubleshooting on Cisco ISE added new devices on network based on policies on ISE.
• Configuring rules and Maintaining Palo Alto Firewalls & Analysis of firewall logs using various tools
• Worked extensively in Configuring, Monitoring and Troubleshooting Cisco's ASA 5585 Security appliance
• Responsible for Cisco Proxy ESA and WSA.
• Everyday performance with the Cisco Iron ports - WSA S170 (Web Security Appliance) Version: 8.0.6-119, ESA C370 (Email Security Appliance) Version: 8.5.6-074, and M670 - Content Security Management Appliance Version: 8.3.6-028
• Implementation and Configuration (Profiles, I Rules) of F5 Big-IP LTM-6400 load balancers
• Installation and configuration of CISCO VPN concentrators 3000 for VPN tunnel and implementation of SDM for IPsec VPN.
• Managed the F5 BigIP GTM/LTM appliances to include writing iRules, SSL offload and everyday task of creating WIP and VIPs.
• Responsible for excellent customer management/resolution, problem solving and debugging skills with good verbal/written communications and presentation skills.
• Everyday performance with the latest version 13.3 of Junos-Space
• Daily responsibilities with Unix Bastion Host loggers and trouble shooting.

Network Engineer

Confidential

Responsibilities:

• Managing the service request tickets within the phases of troubleshooting, maintenance, upgrades, fixes, patches and providing all-round technical support.
• Commissioning and Decommissioning of the MPLS circuits for various field offices.
• Preparing feasibility report for various upgrades and installations.
• Ensure Network, system and data availability and integrity through preventive maintenance and upgrade
• Installation of Routers, Switches, Firewall and Network Cables in datacenter.
• Implementation of routing protocols, configured firewall.
• Troubleshooting complex networks layer 1, 2to layer 3 (routing with MPLS, BGP, EIGRP, OSPF protocols) technical issues.
• Providing support to networks containing more than 2000 Cisco devices.
• Performing troubleshooting for IOS related bugs by analyzing past history and related notes.
• Carrying out documentation for tracking network issue symptoms and large scale technical escalations.
• Involved in L2/L3 Switching Technology Administration including creating and managing VLANs, Port security, Trunking, STP, Inter-Vlan routing, LAN security.
• Worked on the security levels with RADIUS, TACACS+.
• Modified internal infrastructure by adding switches to support server farms and added servers to existing DMZ environments to support new and existing application platforms.
• Configured switches with port security and 802.1 xs for enhancing customer's security.
• Validate existing infrastructure and recommend new network designs.
• Created scripts to monitor CPU/Memory on various low end routers in the network.
• Configuring and troubleshooting multi-customer network environment.
• Involved in network monitoring, alarm notification and acknowledgement.
• Implementing new/changing existing data networks for various projects as per the requirement.
• Installed and maintained local printer as well as network printers.